Industry-leading security experts and tested security services

At Castellan Information Security, our industry-leading security experts and tested security services help us build strong relationships with the clients we serve. We have gained their trust to lead security projects and services to enhance their information security programs. We also supply industry-leading, experienced, and certified expert security professionals to organizations looking to bridge the skills gap or to increase capacity levels within their in-house IT teams or service providers.

Our advisory services focus on providing information security solutions in the following key areas:

GRCP and Staff Augmentation

  • Governance
  • Risk
  • Compliance
  • Preparedness
  • Staff Augmentation

Castellan Information Security recognized as "certified supplier" under the Canadian Aboriginal and Minority Supply Council (CAMSC).

CAMSC is a not-for-profit national organization that certifies and prepares diverse suppliers to successfully engage and respond to corporate and government buyers. It facilitates the growth of Aboriginal and minority owned businesses by connecting them to procurement activities with companies and governments committed to a diverse and inclusive supply chain.

How we help organizations?

Castellan Information Security provides GRCP and staff augmentation services to organizations, allowing them the flexibility, cost-efficiency, and availability to access top-tier expertise. With the cyber threat landscape constantly evolving, having a responsive and adaptable team is essential to protect sensitive data and maintain business continuity.

By supporting our client's cybersecurity workforce, organizations can enhance their security posture and focus on their core operations, all while mitigating the risks of the digital age.

Types of roles Castellan provides to our clients:

  • Security Architects
  • Security Analysts
  • Security Engineers
  • Security Consultants
  • Security Project/Program Managers
  • Business Resilience Consultants (Disaster Recovery, Business Continuity)
  • Risk & Compliance Analysts/Consultants
  • Governance & Policy Consultants
  • Identity & Access Management Analysts/Consultants
  • Penetration Testing and Vulnerability Assessment Experts


Our bench of experts

Castellan Information Security markets our own staff and a bench of ~100 industry leading information security experts for our projects and to our clients for staff augmentation, service delivery and project implementation.

What is an integrated approach?

The "Integrated Information Security" approach is a qualitative exercise that focuses on identifying the client's vulnerabilities with the five components of integrated information security:

Governance and corporate culture

  • Does your organization manage Information Security like your other corporate priorities?
  • Do you have an organizational information security policy in place to guide how information is managed and protected?

Physical and personnel security

  • Do you have the required policies and processes in place to ensure your human resources and infrastructure operate in a manner that takes into account the importance of information security?
  • Do employees understand that sound information security practices are a clear expectation of their work performance?

Non-IT information

  • Is it clear to all staff and management how effectively handle, store and share sensitive non-IT information and do they have access to sufficient storage equipment to protect this information?
  • Does your organization have clear procedures to manage (store, log, track, dispose) information contained on portable storage devices such as memory sticks?

IT and cyber security counter measures

  • Does your organization have robust cyber security controls in place?
  • Does your organization conduct regular reviews of your IT assets to discover security vulnerabilities, and upon discovery assign proper severity to trigger remediation actions?
  • Does your organization have a proper program in place to manage third-party security risks?

Emergency management and business continuity

  • Do you have plans in place to prepare your organization for information security-related situations such as an information breach of private data in order to limit business impacts, protect your clients, and meet legislation requirements?
  • Are you clear on what regulatory bodies need to be immediately notified in the event of a data/privacy breach?


Proven expertise across diverse client relationships

Our clients include large, medium and small-scale organizations in the public and private sectors, such as:

  • Government (Federal, Provincial, Crown Corporations)
  • Telecommunications
  • Insurance
  • Health Care
  • Education
  • Retail and Manufacturing
  • Non-Profit, Charitable Organizations, and Industry Associations

Integrated security for organizations protecting their valuable assets

Unite Interactive